It is not required to make LDAP settings on all the hubs for LDAP login in CA Unified infrastructure Management.
You can set Primary Hub as  the UIM Proxy Hub in your secondary hub LDAP settings

• Open Secondary Hub probe GUI. 
• LDAP settings: 
• Nimsoft Proxy Hub 
• Proxy LDAP Authentication 
• Proxy Hub == <primary hub> 

Explanation

You will have to set secondary hubs as LDAP 'proxy' hubs. You can do this on Linux or Windows hubs.

To do this, open the hub GUI on the hub in question and go to the Settings/LDAP tab like you normally would for configuring LDAP. 

On this screen set the radio button for "Nimsoft Proxy Hub" and then check the box for "Proxy LDAP Authentication". 

Now pull down the drop-down menu and locate the Primary Hub in the list. It will ask if you want to use this hub as a proxy hub - say yes then click OK and restart the hub. 

After this your LDAP requests will be forwarded to the primary hub which will in turn forward them to the LDAP server for authentication. 

To summarize the primay hub will have the LDAP authentication, and if authenticating onto a secondary hub, that hub will use the primary hub as an LDAP proxy hub, which is the normal configuration.